I have the following configuration on my gateway:
[root@gw server]# uname -a
Linux gw 3.10.0-693.5.2.el7.x86_64 #1 SMP Fri Oct 20 20:32:50 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
[root@gw server]# cat /etc/centos-release
CentOS Linux release 7.4.1708 (Core)
[root@gw server]# firewall-cmd --version
0.4.4.4
[root@gw server]# firewall-cmd --get-active-zones
public
interfaces: ens160
trusted
interfaces: ens192
[root@gw server]# firewall-cmd --zone=public --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: ens160
sources:
services: ssh dhcpv6-client openvpn
ports:
protocols:
masquerade: yes
forward-ports: port=443:proto=tcp:toport=:toaddr=10.128.5.200
source-ports:
icmp-blocks:
rich rules:
[root@gw server]# firewall-cmd --zone=trusted --list-all
trusted (active)
target: ACCEPT
icmp-block-inversion: no
interfaces: ens192
sources:
services:
ports:
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
Could you please tell me whether this is a bug or whether I am doing something wrong (and, if so, how to do it correctly)?
Thanks a lot in advance.